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REMAPS 



REJECTION OF CLAIMS 1.^ ttndrr m TT<ir 

In the Office Action, the Examiner rejected claims 26, 27, and 29 under 35 USC 
5102(b) as being anticipated by Carter et al., U.S. Patent No. 5,161,192 ('Carter' 
hereinafter). In addition, the Examiner rejected claims 1. 6, 11, 13-18, 26-29, 34-39 40-43 
and 48-53 under 35 USC §102(e) as being anticipated by Adams J, et al., U.S. Patent No' 
5,442,708, ('Adams' hereinafter). In addition, the Examiner rejected claims 1-53 under 35 
USC §10 2(e) as being anticipated by Adams Jr. et al., U.S. Patent No. 5,444,782, ('Adams 
Jr. ' hereinafter). These rejections are fully traversed below. 

Carter discloses a repeater that reads a portion of each frame, which may be all or part 
of the destination address segment and/or of the source address segment. See Carter 
Abstract. It compares the data that it reads with stored access rules to deterrnine whether the' 
frame is permitted or not. See Carter, Abstract. If not, the repeater modifies the frame, for 
example by overwriting it with meaningless digits or by encrypting it. See Carter Abstract. 

Adams discloses a computer network encryption/decryption device (CNEDD) that 
operates by selectively encrypting or decrypting only the data of a data pgck ^ 

leaving the routing information contained in the header portion of the data packet unchanged 
See Adams, Abstract. The CNEDD examines the header of a packet and consults a table 
which includes handling instructions for the packet based on source, destination or other 
mformation provided in the header. See Adams, col. 4, lines 57-64; col. 6, lines 32-36 
More particularly, the table includes matching criteria that contains source and destination 
addresses, and other information. See Adams, col. 6, lines 37-41. In addition, the table may 
contain a plurality of keys used for encryption and decryption. See Adams, col. 6, lines 42- 
43. The table is described as further including handling instructions. See Adams, col. 6, 



lines 43-46. 



Adams Jr. discloses a computer network encryption/decryption device (CNEDD) that 
operates in one of two modes by selectively encrypting or decrypting packets based on 
information contained in a packet's header. See Adams Jr., Abstract. When the CNEDD 
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operates in the standard mode, only the data portion of a packet is encrypted, and a new 
packet is fitted which includes an unencrypted header (with the original routing 
information) and the encrypted data. See Adams Jr., col. 6, lines 63-68. In the tunneling 
mode, both the data characters and the header characters of a packet are encrypted See 
Adams Jr., col. 6, line 68 - col. 7, line 2. In addition, encryption and decryption is performed 
based on information contained in a table, as described in Adams. See Adams Jr col 7 
lines 17-41. Rather than including the routing information from the original data packet in' 
the header of the encrypted packet, the header indicates that the source of the packet is a 
CNEDD and the destination of the packet is a CNEDD in the network which contains the 
intended target node. See Adams Jr., col. 9, line 57-col. 10, line 2. 

Header of encrypted data racket -^ti™ m ^ ^ t ^ 

the data p ark** 

Claims 1,6, 11, 16, and 1 7, as amended, are drawn to a method or system adapted for 
encrypting a data packet according to a predetermined encryption/decryption mechanism, 
generating a new header including a mechanism for identifying the predetermined 
encryption/decryption mechanism and appending the new header to the encrypted data 
packet. 

Similarly, claims 20 and 24 are drawn to a method or system for decrypting a data 
packet including a header that includes a mechanism for identifying an encryption method 
used to encrypt the data packet. 

Claims 26, 36, and 38, as amended, are drawn to a method, computer program 
product, or computer system adapted for encrypting data packets. When a data packet is 
encrypted, a new header is generated and appended to the encrypted data packet The new 
header includes a mechanism for identifying an encryption method used to generate the 
encrypted data packet. As a result, the presently claimed invention permits the encryption 
method to be tailored for each packet transmitted rather than requiring that the encryption 
method be specified statically (e.g., according to the source and/or destination of the packet). 

None of the cited references, separately or in combination, discloses or suggests 
i dentifying an encryp tion method in a header of the encrypted data packet. Similarly, none of 
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the cited references discloses or suggests decrypting a data packet that has a header including 
a mechanism for identifying the encryption method used to encrypt the data packet. 
Accordingly, claims 1, 6, 1 1, 16, 17, 20, 24, 26, 36, and 38 arc patentable over Adams and 
Adams Jr. 



Header of encry pted data packet identifying broadcast addresses of the 
networks associated with the source and destination of the data packet 

Claims 7 and 14, as amended, are drawn to a system adapted for encrypting a data 
packet transmitted from a first host computer on a first computer network to a second host 
computer on a second computer network, and for generating and appending a new header to 
the encrypted data packet. Moreover, the new header identifies broadcast addresses of the 
networks associated with the host computers. 

Claims 32 and 33 are similarly drawn to a method of encrypting data packets in which 
an identifier of the network associated with either the source host computer or the destination 
host computer, respectively, is included in the new header. 

Similarly, claims 1 8 7 22, 40, 50, and 52, as amended, are drawn to. a method, system, 
computer program product, or computer system adapted for decrypting a data packet sent 
from a source to a destination. The data packet has a header identifying broadcast addresses 
of the source and the destination. 

In contrast, Adams discloses that the routing information contained in the header 
portion of the data packet remains unchanged. Thus, Adams neither discloses nor suggests 
appending a new header including the internetwork broadcast addresses of either the source 
or the destination host computers to the encrypted data packet Similarly, Adams neither 
discloses nor suggests decrypting a data packet having a header identifying broadcast 
addresses of either the source or the destination. Accordingly, claims 7, 14, 18, 22, 32, 33, 
40 ? 50, and 52 are patentable over Adams. 

Although Adams Jr. suggests that the routing information included in the original 
data packet may be modified, Adams Jr. states that it is preferred that the new header 
indicates that the source of the packet is a CNEDD and the destination of the packet is a 
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CNEDD in the network which contains the intended target node. See Adams Jr., col. 9, line 
66 - col. 1 0, line 2, Adams Jr. neither discloses nor suggests that the new header include 
broadcast addresses of the source and the destination rather than the addresses of the devices 
that are responsible for encryption and decryption of the data packet. The presently claimed 
invention therefore provides greater protection against tapping into the network to decipher 
the nature of the information transmitted. Accordingly, claims 7, 14, 18, 22, 32, 33, 40, 50, 
and 52 are patentable over Adams Jr. 

SUPPORT FOR NEW CLAIMS AND AMENDMENTS AND DIFFERENTIATION 
OF THE CLAIMS OVER THE CITED ART 

Claims 7-8, 14-15, 18-19, 21-23, 32-33, 40-53, and 56-59 are all drawn a method, 
system or computer program product in which the broadcast address of at least one of the 
networks associated with the source and destination of the data packet are identified in a 
header of a data packet. CoL 6, lines 12-16 and lines 26-28 provide support for claims in 
which the broadcast addresses of the networks associated with the source and destination of 
the data packet may be identified in a header of the data packet. Support for specification of 
correlation data and encryption rules as claimed in claim 56 is disclosed in col. 4, lines 30-67. 

As described above, the cited art neither discloses nor suggests that the new header 
include broadcast addresses of the source and/or the destination rather than the addresses of 
the devices that are responsible for encryption and decryption of the data packet. Similarly, 
the cited art neither discloses nor suggests decrypting a data packet having a header 
identifying broadcast addresses of either the source or the destination. 

Claims 1-6, 9-13, 16-17, 20, 24-31, 34-39, 54-55, and 60-73 are all drawn to a 
method, system or computer program product in which a header includes a mechanism for 
identifying an encryption/decryption method. Col. 6, lines 21-25 provide support for key 
management information such as information indicating which encryption scheme was used 
that may be provided in a header to the data packet. See coL 6, lines 12-20. CoL 6, lines 21- 
25 state that the key management information 440 as well as the original data packet 400 are 
encrypted in mode 2. Therefore, the encryption scheme is indirectly identified by the 
mechanism provided in the header, as recited in claims 69-73. 
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None of the cited references, separately or in combination, disclose or suggest 
providing a mechanism for identifying an encryption method in a header of the encrypted 
data packet. Similarly, none of the cited references disclose or suggest decrypting a data 
packet that has a header including a mechanism for identifying the encryption method used to 
encrypt the data packet. 

SUMMARY 

Dependent claims 2-5, 8-10, 12-13, 15, 19, 21, 23, 25, 27-31, 34-35, 37, 39, 41-49, 
51, and 53 depend from one of independent claims 1, 6, 7, 1 1, 14, 16, 17, 18, 20, 22, 24, 26, 
32, 33, 36, 38, 40, 50, and 52 and are therefore patentable over Adams and Adams Jr. for at 
least the same reasons. However, the dependent claims recite additional limitations that 
further distinguish them from the cited references. Hence, it is submitted that dependent 
claims 2-5, 8-10, 12-13, 15, 19, 21, 23, 25, 27-31, 34-35, 37, 39,41-49, 51, and 53 are 
patentably distinct from Adams and Adams Jr. 

Based on the foregoing, it is submitted that claims 1, 6, 7, 1 1 , 14, 1 6, 1 7, 1 8, 20, 22, 
24, 26, 32, 33, 36, 38, 40, 50, and 52 are patentably distinct from Adams and Adams Jr. In 
addition, it is submitted that dependent claims 2-5, 8-10, 12-13, 15, 19,21,23,25, 27-31,34- 
35, 37, 39, 41-49, 51, and 53 are also patentably distinct for at least the same reasons. The 
additional limitations recited in the independent claims or the dependent claims are not 
further discussed as the above discussed limitations are clearly sufficient to distinguish the 
claimed invention from Adams and Adams Jr. Thus, it is respectfully requested that the 
Examiner withdraw the rejection of claims 1-53 under 35 USC §102(e). Reconsideration of 
the application and an early Notice of Allowance are earnestly solicited. 

If there are any issues remaining which the Examiner believes could be resolved 
through either a Supplemental Response or an Examiner's Amendment, the Examiner is 
respectfully requested to contact the undersigned attorney at the telephone number listed 
below. 

Applicants hereby petition for an extension of time which may be required to 
maintain the pendency of this case, and any required fee for such extension or any further fee 
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No. 50-0388 (Order No. §TTN1P342R). 

Respectfully submitted, 
BEYER & WEAVER, LLP_ 

Elise R. Heilbrunn 
Reg. No. 42,649 




BEYER & WEAVER, LLP 

P.O. Box 61059 

Palo Alto, California 94306 

Tel. (510) 843-6200 
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